Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/vlua1bxalLU-XoHxoIN7a09W2TQ.roa
File: vlua1bxalLU-XoHxoIN7a09W2TQ.roa (raw, json)
Hash identifier: GD5nnaL3jWQ8kbxVHWPnB6ZHol6sd2Xk5MzeTeMmPvA=
Subject key identifier: BE:5B:9A:D5:BC:5A:94:B5:3E:5E:81:F1:A0:83:7B:6B:4F:56:D9:34
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A2AA74616A85A31CBC1B0D74F59418142
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/vlua1bxalLU-XoHxoIN7a09W2TQ.roa
Signing time: Fri 25 Aug 2023 03:05:19 +0000
ROA not before: Fri 25 Aug 2023 03:05:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:2aa6:d5e0/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:2a:a7:46:16:a8:5a:31:cb:c1:b0:d7:4f:59:41:81:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 25 03:05:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be5b9ad5bc5a94b53e5e81f1a0837b6b4f56d934
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:eb:7b:81:85:80:44:fa:28:b2:e8:b4:2a:36:
14:a3:f9:c7:15:09:df:08:f8:17:1f:ae:90:c1:51:
04:d3:ab:8e:c0:96:be:9a:b0:f2:e5:7b:ae:aa:8a:
8a:fe:65:88:69:4b:05:7c:7b:1d:10:6c:80:d2:01:
4b:a3:69:7f:aa:ef:12:d3:7c:de:37:4b:55:a9:41:
1d:40:c5:ee:a0:e8:5d:da:db:0a:81:76:ab:7b:30:
5a:fb:6e:8b:08:9d:31:06:30:43:ea:6d:59:b8:ea:
3b:51:53:e2:04:1a:cf:0b:9a:13:ef:da:04:6e:7f:
1d:49:70:fe:06:b6:71:11:1f:6f:3b:cc:26:3e:87:
35:bd:a9:04:c7:6e:48:9d:79:af:11:25:84:af:b5:
94:68:ef:ee:ea:27:ba:d8:ff:2c:7b:43:03:0f:ce:
43:87:98:2d:9b:d0:ab:b0:e3:80:f3:71:27:98:58:
ae:39:8c:e0:57:0c:88:93:e3:a4:fa:41:11:13:0d:
d8:28:1d:f2:b4:bd:71:21:ac:f0:63:c9:5c:08:45:
ec:be:95:20:da:32:48:67:2b:f6:f7:a0:13:c3:66:
a1:8d:96:df:02:df:06:a8:3a:44:62:01:1f:10:71:
21:b2:e4:86:66:3d:a0:e9:a5:9f:65:30:af:16:94:
20:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:5B:9A:D5:BC:5A:94:B5:3E:5E:81:F1:A0:83:7B:6B:4F:56:D9:34
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/vlua1bxalLU-XoHxoIN7a09W2TQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
72:d4:83:f2:85:02:79:a9:e7:cd:75:9d:17:c5:28:fe:8b:66:
61:d6:8a:c7:69:c3:3a:b9:5d:e2:f9:2e:c6:bb:63:f8:f9:23:
cc:af:98:9b:b0:7d:f1:12:8a:ea:f8:b6:e8:bb:d1:4a:59:7b:
6d:0e:e0:57:03:ce:47:bd:59:3b:77:8e:03:9e:d5:fd:79:50:
80:05:a1:f6:c0:b5:2e:14:95:9b:78:a9:84:1c:1f:11:a4:7e:
d8:73:5b:86:52:5a:84:05:89:e3:7b:b8:c3:4c:a1:8e:66:c0:
2b:43:0a:6f:78:fb:c9:b2:13:ec:9a:7c:a2:a5:a5:61:1f:47:
f5:9b:39:38:7c:f1:99:a9:e1:f1:af:93:72:21:39:62:db:eb:
91:2c:bc:58:df:7e:b8:f5:be:53:29:62:98:1e:39:a3:4e:f9:
bf:1b:0f:29:e4:f5:e2:53:88:3c:b3:d4:92:79:2b:f4:35:a1:
3e:aa:95:af:31:a7:70:26:4d:59:d9:65:8f:8a:7c:f5:ab:8a:
4f:10:f0:1c:df:8f:bd:b5:bc:4d:ad:f7:3d:3d:48:b3:69:98:
61:ce:ea:74:48:b8:59:5d:a1:b9:a7:81:cc:a9:7a:9a:fd:2b:
d3:b2:4c:03:7d:2c:9c:17:80:bd:76:90:d8:c6:7f:fd:ba:95:
a1:e0:fd:d0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYoqp0YWqFoxy8Gw109ZQYFCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI1MDMwNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTViOWFkNWJjNWE5NGI1M2U1ZTgxZjFhMDgzN2I2YjRmNTZkOTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmet7gYWARPoosui0KjYUo/nHFQnf
CPgXH66QwVEE06uOwJa+mrDy5XuuqoqK/mWIaUsFfHsdEGyA0gFLo2l/qu8S03ze
N0tVqUEdQMXuoOhd2tsKgXarezBa+26LCJ0xBjBD6m1ZuOo7UVPiBBrPC5oT79oE
bn8dSXD+BrZxER9vO8wmPoc1vakEx25InXmvESWEr7WUaO/u6ie62P8se0MDD85D
h5gtm9CrsOOA83EnmFiuOYzgVwyIk+Ok+kEREw3YKB3ytL1xIazwY8lcCEXsvpUg
2jJIZyv296ATw2ahjZbfAt8GqDpEYgEfEHEhsuSGZj2g6aWfZTCvFpQgpQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL5bmtW8WpS1Pl6B8aCDe2tPVtk0MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdmx1YTFieGFsTFUtWG9IeG9JTjdhMDlXMlRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHLUg/KFAnmp5811nRfF
KP6LZmHWisdpwzq5XeL5Lsa7Y/j5I8yvmJuwffESiur4tui70UpZe20O4FcDzke9
WTt3jgOe1f15UIAFofbAtS4UlZt4qYQcHxGkfthzW4ZSWoQFieN7uMNMoY5mwCtD
Cm94+8myE+yafKKlpWEfR/WbOTh88Zmp4fGvk3IhOWLb65EsvFjffrj1vlMpYpge
OaNO+b8bDynk9eJTiDyz1JJ5K/Q1oT6qla8xp3AmTVnZZY+KfPWrik8Q8Bzfj721
vE2t9z09SLNpmGHO6nRIuFldobmngcypepr9K9OyTAN9LJwXgL12kNjGf/26laHg
/dA=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:55:09 2025 by rpki-client